![](\"https:\/\/media.wired.com\/photos\/62acff464ddccadb37d01bea\/master\/pass\/Russian-Spy-The-Hague-Security-GettyImages-1198857382.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Matt Burgess| Date: Sat, 18 Jun 2022 13:00:00 +0000<\/strong><\/p>\n Matt Burgess<\/a><\/span><\/span><\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n This week, WIRED<\/span> revealed new details that link an Indian police force to a hacking campaign against human rights defenders and activists<\/a>. Researchers at SentinelOne uncovered connections between the city of Pune\u2019s police agency and evidence planted on the devices of activists, as part of a hacking campaign dubbed Modified Elephant. It is alleged that evidence was planted on the computers of activists Rona Wilson and Varvara Rao and then used to arrest the two men. Among other details, an unnamed security analyst at an email provider revealed to SentinelOne and WIRED that the email address and phone number of a Pune police official was set as the recovery email on hacked accounts.<\/p>\n Elsewhere, a new front is emerging in Russia\u2019s war against Ukraine. In the occupied city of Kherson and other nearby regions, Russian forces are routing internet connections from Ukrainian internet service providers to Russian companies. Ukrainian officials tell WIRED<\/a> the shifts are happening at a large scale and could result in people being subjected to Vladimir Putin\u2019s surveillance and censorship machine<\/a>.<\/p>\n Robocalls aren\u2019t going away. There\u2019s been progress in tackling the nuisance calls in recent years but the spammy calls are still prevalent. This week we looked into the roots of the problem and what can still be done in the fight against robocalls<\/a>. We also looked at a new way for cops to collect your fingerprints<\/a>. How censors in Shanghai haven\u2019t been able to hide stories of the city\u2019s dead<\/a> during an aggressive Covid-19 lockdown. And the dwindling options facing WikiLeaks founder Julian Assange<\/a> after the UK Home Office approved his extradition to the US, where he faces espionage and hacking charges.<\/p>\n But that's not all, folks. Each week we round up the big security and privacy news we didn't cover ourselves. Click the links for the full stories, and stay safe out there.<\/p>\n Viktor Muller Ferreira had a traumatic childhood. Growing up, his father and mother\u2014who had adopted him\u2014split up. His mother later died of pneumonia, and his aunt, who raised him, also passed away. The family didn\u2019t have much money. At school, children bullied Ferreira for his looks and his weird accent. As a result, he didn\u2019t have many friends.<\/p>\n One day when his aunt was out, a neighborhood boy came round and told Ferreira that he was the fairy tale character Grey Shadow and he was going to \u201cdevour\u201d him. \u201cThis scared me so much that I spent the entire day in a small box out on the balcony, praying until my aunt came home.\u201d As he grew older he worked in a garage, took an interest in journalism, and moved to Brazil to reunite with his estranged father and \u201crestore my citizenship.\u201d<\/p>\n Except, according to authorities in the Netherlands, none of that is true.<\/p>\n Dutch intelligence agency AVID claimed this week<\/a> that \u201cViktor Muller Ferreira\u201d is just a cover story and false identity for Sergey Vladimirovich Cherkasov, an alleged Russian intelligence officer belonging to the GRU military unit. AVID said it caught Cherkasov applying to be an intern at the International Criminal Court at The Hague, which is investigating potential war crimes in Russia\u2019s wars against Ukraine and Georgia.<\/p>\n As well as stopping Cherkasov from obtaining the position at the ICC and sending him back to Brazil, the Dutch intelligence agency also published his long and detailed cover story. The four-page story<\/a>, often known as a covert intelligence officer\u2019s \u201clegend,\u201d details the background of the \u201cFerreira\u201d identity. \u201cThe threat posed by this intelligence officer is deemed potentially very high,\u201d AVID said in a statement.<\/p>\n Since outing \u201cFerreira,\u201d more clues about his undercover life have emerged. Social media profiles belonging to \u201cFerreira\u201d have been discovered by the investigative unit Bellingcat<\/a>, as well as a blog and online CV. He also studied at Trinity College Dublin and Johns Hopkins University. Eugene Finkel, an associate professor at Johns Hopkins, who says he taught \u201cFerreira,\u201d tweeted<\/a>: \u201cI wrote him a letter. A strong one, in fact. Yes, me. I wrote a reference letter for a GRU officer. I will never get over this fact. I hate everything about GRU, him, this story. I am so glad he was exposed.\u201d<\/p>\n For years it\u2019s been impossible to move backups of WhatsApp chats between Android and iOS<\/a>, and vice versa. In August last year, WhatsApp announced it was starting to roll out the ability for people to move their data between iPhones and Android devices. Now, this week, the Meta-owned company says backups will work in the other direction too\u2014from Android to iOS<\/a>.<\/p>\n Processors from Intel and AMD are vulnerable to a new side-channel attack called Hertzbleed. The attack could allow the theft of cryptographic keys and data, as reported by BleepingComputer<\/a> and DarkReading<\/a>. Hertzbleed works by exploiting a common power-saving feature in chips\u2014called dynamic frequency scaling (DVFS)\u2014that could allow an attacker to steal data. Frequency changes in DVFS may be correlated with information being processed by chips, Intel says<\/a> in a blog post. Despite this, neither Intel nor AMD appear to have plans to address the issue. However, the risk to end users seems low at the moment. The team of researchers who found Hertzbleed say ordinary users probably shouldn\u2019t be worried<\/a>.<\/p>\n Ever since Covid-19<\/a> started spreading in early 2020, technological systems have been developed to try to control its spread. In China, a mandatory health code system was created<\/a> to monitor people\u2019s health status\u2014people with a red code are required to self-isolate, those with a green code are allowed to move freely. These health codes are tied to people\u2019s phones<\/a>. Now, according to multiple<\/a> reports<\/a>, people in the Chinese province of Henan claim their plans to protest have been blocked as their health code has been turned red. Several people impacted claim they have not been around anyone positive with Covid-19 and the change is an abuse of power by officials.<\/p>\n Mozilla\u2019s web browser may have been struggling<\/a> in recent years, but it is still one of the most privacy-friendly browsers. This week the company said Firefox is turning on its Total Cookie Protection feature by default for everyone using the browser. Any cookies saved to your computer will be available only to the website that placed them there, Mozilla explains in a blog post<\/a>. \u201cInstead of allowing trackers to link up your behavior on multiple sites, they just get to see behavior on individual sites,\u201d the company says, adding it is \u201cFirefox\u2019s strongest privacy protection to date.\u201d<\/p>\n In November 2021, the US sanctioned notorious Israeli spyware firm NSO Group. The company\u2019s Pegasus hacking tool has been used around the world to spy on journalists and activists<\/a>. This week it emerged that US defense firm L3Harris is interested in purchasing the technology behind Pegasus, as the Financial Times<\/em> reports<\/a>. Any purchase of the technology by a US company would potentially put it at odds with the Biden administration, which blacklisted NSO. Talk of the potential deal, which was said to be in early stages, has prompted criticism from the White House. \u201cWe are deeply concerned,\u201d a senior official told the Washington Post<\/em><\/a>. They said the deal could cause security and counterintelligence issues for the US.<\/p>\n